package com.zxy.config.handler;

import cn.hutool.json.JSONObject;
import cn.hutool.json.JSONUtil;
import com.zxy.config.annotation.NeedAuthorization;
import com.zxy.config.annotation.NoAuthorization;
import com.zxy.config.jwt.JwtUtil;
import com.zxy.config.result.ResultData;
import com.zxy.config.utils.NetWorkHandlerUtil;
import com.zxy.domain.User;
import com.zxy.mapper.UserMapper;
import io.jsonwebtoken.Claims;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
import java.lang.reflect.Method;

/**
 * 这个拦截器主要用来负责管理访问的用户是否有角色访问该接口
 */
@Component
@Slf4j
public class AuthorizationHandler implements HandlerInterceptor {

    @Autowired
    private JwtUtil jwtUtil;

    @Resource
    private UserMapper userMapper;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        response.setCharacterEncoding("utf-8");
        if (handler instanceof HandlerMethod){
            Method method = ((HandlerMethod) handler).getMethod();
            if (method.getAnnotation(NoAuthorization.class)!=null){
                // 如果有接口上标注了这个注解 代表这个接口不需要jwt认证直接放行
                return true;
            }
            String token = request.getHeader("token");
            if (StringUtils.hasLength(token)){
                try {
                    Claims claims = jwtUtil.parseToken(token);
                    NeedAuthorization methodAnnotation = method.getAnnotation(NeedAuthorization.class);
                    User user = userMapper.findUserByEmail(String.valueOf(claims.get("email")), null);
                    if (user.getRole().equals(methodAnnotation.role())){
                        return true;
                    }else {
                        JSONObject jsonObject = new JSONObject();
                        jsonObject.set("1001","访问权限不足");
                        NetWorkHandlerUtil.println(response,jsonObject);
                        return false;
                    }
                } catch (Exception e) {
                    JSONObject jsonObject = new JSONObject();
                    jsonObject.set("1002","token有问题");
                    NetWorkHandlerUtil.println(response,jsonObject);
                    return false;
                }
            }else {
                JSONObject jsonObject = new JSONObject();
                jsonObject.set("1003","当前请求中未携带token");
                NetWorkHandlerUtil.println(response,jsonObject);
                return false;
            }
        }else {
            JSONObject jsonObject = new JSONObject();
            jsonObject.set("1004","方法有问题，请联系后台开发人员进行处理");
            NetWorkHandlerUtil.println(response,jsonObject);
            return false;
        }
    }
}
